Example #1
def critical_product_metrics(request, mtype):
    """Render the metrics page for product types flagged as critical.

    The listing starts from whatever ``get_authorized_product_types`` returns
    for ``Permissions.Product_Type_View`` and is then narrowed to rows with
    ``critical_product=True``, so the critical filter can only shrink the
    authorized set, never widen it. ``mtype`` is accepted but not read here.
    """
    title = 'Critical Product Metrics'

    # Narrow the permission-scoped queryset rather than querying the model directly.
    visible_types = get_authorized_product_types(Permissions.Product_Type_View)
    flagged_types = visible_types.filter(critical_product=True)

    # The breadcrumb is top-level only when the request has no query parameters.
    add_breadcrumb(title=title, top_level=not len(request.GET), request=request)

    context = {
        'name': title,
        'critical_prods': flagged_types,
        'url_prefix': get_system_setting('url_prefix'),
    }
    return render(request, 'dojo/metrics.html', context)
Example #2
def product_type(request):
    """Render the paginated, filterable list of product types.

    Both the filter and the ``name_words`` name list are built on the queryset
    returned by ``get_authorized_product_types`` for
    ``Permissions.Product_Type_View``, so query-string filters in
    ``request.GET`` are applied on top of that permission-scoped queryset.
    """
    title = 'Product Type List'
    visible_types = get_authorized_product_types(Permissions.Product_Type_View)

    # Names come from the same permission-scoped queryset as the list itself.
    name_words = visible_types.values_list('name', flat=True)

    # request.GET is user-controlled; it is handed to the filter class together
    # with the scoped queryset rather than used to build a query directly.
    ptl = ProductTypeFilter(request.GET, queryset=visible_types)
    pts = get_page_items(request, ptl.qs, 25)  # 25 items per page
    pts.object_list = prefetch_for_product_type(pts.object_list)

    add_breadcrumb(title=title, top_level=True, request=request)

    context = {
        'name': title,
        'pts': pts,
        'ptl': ptl,
        'name_words': name_words,
    }
    return render(request, 'dojo/product_type.html', context)
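def can_add_product(user):
    """Return True when at least one product type allows adding a product.

    The check asks ``get_authorized_product_types`` for the product types
    carrying ``Permissions.Product_Type_Add_Product`` and reports whether that
    queryset is non-empty.

    NOTE(review): ``user`` is never read in this function, so the answer is for
    whichever principal ``get_authorized_product_types`` resolves internally.
    Presumably that is the current request user; confirm before calling this
    with a user other than the one making the request.
    """
    # exists() answers "is there at least one row" without counting every row.
    return get_authorized_product_types(Permissions.Product_Type_Add_Product).exists()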
Example #4
def simple_metrics(request):
    """Render per-product-type finding counts for a single month.

    The month defaults to the current one; a valid POSTed ``SimpleMetricsForm``
    replaces it with the submitted ``date``. Only ``.month`` and ``.year`` of
    that value are used below.

    Product types come from ``get_authorized_product_types`` for
    ``Permissions.Product_Type_View``, and each findings query is constrained
    to one of those product types, so counts are only produced for product
    types in that permission-scoped set.
    """
    now = timezone.now()

    if request.method != 'POST':
        form = SimpleMetricsForm({'date': now})
    else:
        form = SimpleMetricsForm(request.POST)
        if form.is_valid():
            # Re-bind the form to the accepted date so the page shows it back.
            now = form.cleaned_data['date']
            form = SimpleMetricsForm({'date': now})
        # An invalid POST keeps the bound form (with its errors) and the
        # current month.

    findings_by_product_type = collections.OrderedDict()

    # Severity label -> bucket key; any other severity value is counted as S4.
    severity_slots = {'Critical': 'S0', 'High': 'S1', 'Medium': 'S2', 'Low': 'S3'}

    # On the product type model the reverse relation to its products is named
    # 'prod_type' (a legacy related_name), which is why the prefetch paths
    # below look unusual.
    product_types = get_authorized_product_types(Permissions.Product_Type_View)
    product_types = product_types.prefetch_related(
        'prod_type', 'prod_type__authorized_users', 'authorized_users')

    for pt in product_types:
        # Verified, in-scope, non-duplicate, non-false-positive findings dated
        # in the selected month for this product type.
        month_findings = Finding.objects.filter(
            test__engagement__product__prod_type=pt,
            verified=True,
            false_p=False,
            duplicate=False,
            out_of_scope=False,
            date__month=now.month,
            date__year=now.year,
        ).distinct().prefetch_related(
            'test__engagement__product__authorized_users',
            'test__engagement__product__prod_type__authorized_users')

        per_severity = {'S0': 0, 'S1': 0, 'S2': 0, 'S3': 0, 'S4': 0}
        opened_count = 0
        closed_count = 0

        for f in month_findings:
            per_severity[severity_slots.get(f.severity, 'S4')] += 1

            mitigated_this_month = (
                f.mitigated
                and f.mitigated.year == now.year
                and f.mitigated.month == now.month
            )
            if mitigated_this_month:
                closed_count += 1

            if f.date.year == now.year and f.date.month == now.month:
                opened_count += 1

        # Key order (Total, S0..S4, Opened, Closed) matches the original dict.
        findings_by_product_type[pt] = {
            'Total': len(month_findings),
            **per_severity,
            'Opened': opened_count,
            'Closed': closed_count,
        }

    add_breadcrumb(title="Simple Metrics", top_level=True, request=request)

    context = {
        'findings': findings_by_product_type,
        'name': 'Simple Metrics',
        'metric': True,
        'user': request.user,
        'form': form,
    }
    return render(request, 'dojo/simple_metrics.html', context)
Example #5
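def metrics(request, mtype):
    """Render finding or endpoint metrics for one, several or all product types.

    Args:
        request: The incoming HTTP request; its query string selects the view
            ('dashboard') and may carry ``test__engagement__product__prod_type``
            ids.
        mtype: ``'All'`` or the id of a single product type taken from the URL.

    Raises:
        Http404: ``mtype`` names a product type that does not exist or that is
            outside the set returned for ``Permissions.Product_Type_View``.

    Every branch resolves product types through
    ``get_authorized_product_types(Permissions.Product_Type_View)``. Previously
    the ``mtype`` and query-string branches read ``Product_Type.objects``
    directly, so a caller-supplied id was looked up without the permission
    scoping the default branch applies, and the product type's name was put in
    the page title.
    NOTE(review): ``finding_querys`` / ``endpoint_querys`` are not visible here
    and may apply their own authorization to the findings themselves; scoping
    the product types here does not depend on that.
    """
    # Local import because the file's import block is not visible from here;
    # the module already relies on Django (render).
    from django.http import Http404

    template = 'dojo/metrics.html'
    show_pt_filter = True
    view = identify_view(request)
    page_name = 'Product Type Metrics by '

    authorized_types = get_authorized_product_types(Permissions.Product_Type_View)

    if mtype != 'All':
        pt = authorized_types.filter(id=mtype)
        selected = pt.first()
        if selected is None:
            # Same response for "does not exist" and "not permitted", so the
            # status code does not reveal which ids are valid.
            raise Http404()
        # request.GET is immutable by default; it is unlocked briefly so the
        # URL-selected product type is seen by the downstream filters as if it
        # had been passed in the query string.
        request.GET._mutable = True
        request.GET.appendlist('test__engagement__product__prod_type', mtype)
        request.GET._mutable = False
        mtype = selected.name
        show_pt_filter = False
        page_name = '%s Metrics' % mtype
        prod_type = pt
    elif 'test__engagement__product__prod_type' in request.GET:
        # Ids come straight from the query string; ids outside the authorized
        # set simply match nothing.
        prod_type = authorized_types.filter(
            id__in=request.GET.getlist('test__engagement__product__prod_type', []))
    else:
        prod_type = authorized_types
    # On the product type model the reverse relation to its products is named
    # 'prod_type' (a legacy related_name), hence the unusual prefetch paths.
    prod_type = prod_type.prefetch_related('prod_type', 'prod_type__authorized_users', 'authorized_users')

    # NOTE(review): if identify_view() ever returns something other than
    # 'Finding' or 'Endpoint', filters stays empty and the lookups below raise
    # KeyError; confirm identify_view's possible return values.
    filters = dict()
    if view == 'Finding':
        page_name += 'Findings'
        filters = finding_querys(prod_type, request)
    elif view == 'Endpoint':
        page_name += 'Affected Endpoints'
        filters = endpoint_querys(prod_type, request)

    # In the endpoint view each row is unwrapped to its .finding, so the
    # detail helpers always receive findings.
    in_period_counts, in_period_details, age_detail = get_in_period_details([
        obj.finding if view == 'Endpoint' else obj
        for obj in queryset_check(filters['all'])
    ])

    accepted_in_period_details = get_accepted_in_period_details([
        obj.finding if view == 'Endpoint' else obj
        for obj in filters['accepted']
    ])

    closed_in_period_counts, closed_in_period_details = get_closed_in_period_details([
        obj.finding if view == 'Endpoint' else obj
        for obj in filters['closed']
    ])

    punchcard = list()
    ticks = list()

    # ?view=dashboard switches to the dashboard template and title.
    if 'view' in request.GET and 'dashboard' == request.GET['view']:
        punchcard, ticks = get_punchcard_data(queryset_check(filters['all']), filters['start_date'], filters['weeks_between'], view)
        page_name = (get_system_setting('team_name')) + " Metrics"
        template = 'dojo/dashboard-metrics.html'

    # The breadcrumb is top-level only when the request has no query parameters.
    add_breadcrumb(title=page_name, top_level=not len(request.GET), request=request)

    return render(request, template, {
        'name': page_name,
        'start_date': filters['start_date'],
        'end_date': filters['end_date'],
        'findings': filters['all'],
        'opened_per_month': filters['monthly_counts']['opened_per_period'],
        'active_per_month': filters['monthly_counts']['active_per_period'],
        'opened_per_week': filters['weekly_counts']['opened_per_period'],
        'accepted_per_month': filters['monthly_counts']['accepted_per_period'],
        'accepted_per_week': filters['weekly_counts']['accepted_per_period'],
        'top_ten_products': filters['top_ten'],
        'age_detail': age_detail,
        'in_period_counts': in_period_counts,
        'in_period_details': in_period_details,
        'accepted_in_period_counts': filters['accepted_count'],
        'accepted_in_period_details': accepted_in_period_details,
        'closed_in_period_counts': closed_in_period_counts,
        'closed_in_period_details': closed_in_period_details,
        'punchcard': punchcard,
        'ticks': ticks,
        'show_pt_filter': show_pt_filter,
    })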